2018 Ledizioni LediPublishing
Via Alamanni, 11 20141 Milano Italy
www.ledizioni.it
Confronting an Axis of Cyber? China, Iran, North Korea, Russia in Cyberspace
Edited by Fabio Rugge
First edition: October 2018
Published with the support of the Italian Ministry of Foreign Affairs and International Cooperation.
The opinions expressed are those of the authors. They do not reflect the opinions or views of ISPI or the Italian Ministry of Foreign Affairs and International Cooperation.
Print ISBN 9788867058655
ePub ISBN 9788867058662
Pdf ISBN 9788867058679
DOI 10.14672/67058655
ISPI. Via Clerici, 5
20121, Milano
www.ispionline.it
Catalogue and reprints information: www.ledizioni.it
Introduction
The year 2018 marks the thirtieth anniversary of the Morris worm, the first malware ever released in the Internet. Thirty years later, technological innovations have dramatically increased the importance of the Internet in virtually every economic, social and political endeavor, tremendously expanding the potential surface of cyber attacks. The cyber domain makes it possible to gather privileged information, disrupt industrial processes, create havoc by targeting, for instance, ICT supporting critical infrastructures, and to launch cyber-enabled information warfare campaigns against largely unaware foreign target audiences. Cyberspace, in sum, allows states to achieve strategic results with campaigns that fall below the threshold of the use of force, while offering an unprecedented level of plausible deniability, as the real perpetrator of a cyber attack is always difficult to identify with certainty. And yet, this is only the beginning: we are in the midst of a digital revolution. By 2025, with the development of the Internet of Things (IoT), the cyber domain will connect more than 75 billion devices, many of which will control key functions of our daily lives and most of our critical infrastructures.
As such, the cyber domain has already become, and will increasingly be, too important for national security not to be also the arena where national interests naturally collide. This, in fact, happens more and more frequently, as demonstrated by the recurrent examples of international crises originating from states behaviours in cyberspace. This is why the Italian Institute of International Political Studies (ISPI) decided last year to create its Centre on Cybersecurity. The aim is to analyse the dynamics occurring in cyberspace and their growing impact on international relations.
In this first Report from the Centre, the focus will be on the ongoing confrontation between states in cyberspace, and on the worrisome distrust developing within the international community with regard to the objectives pursued by states in cyberspace. In particular, taking stock of the accusations that US administrations consistently put forward in virtually every strategic document released in recent years concerning the behaviour displayed in cyberspace by China, North Korea, Russia and Iran, this volume draws a provocative link between the current grouping of these four countries and the concept of the axis of evil adopted by the Bush administration in the aftermath of the terrorist attacks of 9/11. In this sense, the Report investigates the behaviour, motivations and capabilities of China, North Korea, Russia and Iran in the cyber domain, and highlights the current irreconcilable political cleavage between these four countries and the West in their respective approaches in and around cyberspace. Even though every state uses cyberspace to protect and advance its national interests in the global cyber arena, these four countries appear, in the Western perspective, to have chosen cyberspace as the domain of choice for pursuing a destabilising strategic effect in the real world, insidiously leveraging the inherent difficulty in attributing cyber attacks. But there is an even more fundamental reason why the two approaches seem destined to clash, possibly justifying in this limited sense the perception that the West is confronted with some sort of an Axis 2.0 upholding a radically different set of principles and values from the ones that shape the Western perception of the Internet and, ultimately, of the world. While autocratic regimes consider a free and open Internet an intrinsic threat to their grip on power, the West notwithstanding the intrinsic vulnerabilities of its open societies considers the Internet a global common where centuries-old battles over human rights and individual freedoms are now playing out, a domain that must be protected against national constraints hidden under the banner of national security.
As highlighted in the introductory chapter by Fabio Rugge, the editor of this report, the current confrontation in cyberspace is translating, at the international level, into a massive security paradox, because the cyber strategies and capabilities developed by each state to defend national security may be perceived as and, to some extent, are offensive in character, thus undermining trust within the international community. In this security environment, international stability becomes volatile, the risk of escalations of the conflict in the conventional domain becomes increasingly concrete, and the international balance of power more and more difficult to assess and maintain. And yet, this unpredictable international order appears to be the best achievable so far, considering how sovereign nations will inevitably try to attain their respective cyber superiority. In order to fully grasp these apparently irreconcilable conceptualizations of cyberspace, it is useful to look at the empirical dimension of the countries that comprise the so-called Axis of Cyber. The volume looked at two main elements of their cyber approaches: their cyber capabilities and known cyber campaigns. Although it is very difficult to understand what is really going on in cyberspace and to rely on a certain attribution of responsibility for cyber attacks, a lot of information is available, and a common understanding is developing about each international actors motivations and behaviour.
Russia has been, within the so-called axis, one of the most active actors in the cyber arena. The cyber campaigns that may be traced more or less directly to Moscow, starting from the one originating in 2007 from its territory and directed against Estonia up to the more recent one against the Democratic National Committee in the US, brought worldwide public attention to cybersecurity issues. In their chapter, Tim Maurer and Garrett Hinck underline that Russias approach to cyberspace has been deeply shaped by its Soviet Union past, in particular from the information war fought and lost against the West. Since the mid-1990s the Kremlin has been conducting a diplomatic campaign for cyberspace regulation at the international level, a regulation that, in its intention, should safeguard the information space against the threat of foreign interference. The United States, however, has always been against such an approach. While Moscow has been building a strong apparatus to control and manage the Internet available to its citizens within its borders, it has also exploited this domain to pursue its strategic interests globally. To achieve its goals, Russia appears to have successfully developed technological capabilities and a particular informal public-private partnership with the hacker community.
